What solved it for me was having the Windows Admin re-execute the setspn command. He had executed for the first time but I had this issue. I checked everything and couldn't find any error on my server. There was another server already setup and running just fine, copied everything from that server to the one with this problem and the exact same problem would show up. At this point I realized it was a problem beyond my server. The Windows Admin suggested to delete the spn config and re-execute the exact same setspn command he did at first, which he did. I retested it and it worked like a charm and has worked ever since.

I found this hard to believe but now I'm a believer. I remember reading some posts about folks who had the exact same experience but I decided to move on to the next post as it didn't seem to be logical. If you are absolutely certain is not an issue in your server, give this a try. Maybe you are as "lucky" as some of us have been.

Looking back at my notes, my Windows Admin actually didn't delete the account. He simply re-ran the same setspn command he had executed weeks earlier and that seemed to have done the trick. His suspicion was that something had changed somewhere in the environment and required an update to the spn configuration. But he wasn't sure what was the cause of the problem. All we know is that running the command again seemed to have fixed whatever was the problem.

Just as a future reference, I'm running Jboss with:

java version "1.6.0_05"

Java(TM) SE Runtime Environment (build 1.6.0_05-b13)

Java HotSpot(TM) Client VM (build 10.0-b19, mixed mode, sharing)

Now, I was 100% sure it was either an SPN configuration issue or a network issue because I was able to isolate the problem thanks to another server that was correctly configured and fully working. I'm not sure if this applies to you unless you have isolated the problem as well.

Investigating i found a problem with register of machine in Domain/ActivieDirectory and setspn command.

When machine is registered in Domain a ID is assigned to this machine in AD, when your set SPN for this machine this ID is used by AD to validate kerberos tokens, if you remove this machine from AD and add again the ID is changed and SPN is invalid in this moment, causing this error "Specified version of key is not available (44))" other operations in domain also can cause this problem.

To solve my problem:

1o. remove machine from Domain and all registers of this machine in AD like SPN.

2o. add again machine in Domain

3o. set SPN again for this machine

how betogf said, "when again add machine with setspn can solve this problem", if have changes in machine on domain after this setspn again can solve, in my case not, was necessary steps above.